Istio que

The Istio installation was easy to complete in the last section, but I’m sure it’s still a bit of a puzzle because there’s a bunch of pods running around and it doesn’t seem to have any effect. This section, we will take you to “do not fear the clouds cover the eyes, keep the clouds open to see the moon”. To achieve the desired results, set up a Deployment that looks like this:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
    template:
      metadata:
        labels:
          app: nginx
      spec:
        containers:
        -  name: nginx
           image: Nginx: 1.14 - alpine
           ports:
           - containerPort: 80
Copy the code

To create deployment, of course, you need to create a namespace first so that you can remember my brother in your soul:

# kubectl create ns jiuxi
# kubectl apply -f nginx-deployment.yaml -n jiuxi
Copy the code

After the command is executed successfully, query the nginx pod status:

# kubectl get pods -n jiuxi
Copy the code

Note that the ready column, which is 1/1, means that the POD has a container that is ready and running successfully.

And now for the exciting moment, because Istio is about to make its debut.

Manually inject sidecar

Execute the following statement:

#kube-inject -f nginx-deployment.yaml | kubectl apply -n jiuxi -f -
Copy the code

The following figure shows the command execution result:

Yaml is not changed, but the ready state has changed to 2/2. According to the above explanation, there are now two containers inside the POD, and both containers are running successfully and in a ready state. Why an extra container?

To view pod details:

# kubectl get pod -n jiuxi nginx-xxxx -o yaml # XXXX Fill in according to your actual situation
Copy the code

If you have a console like Rancher, you can take a closer look, as shown below.

From the picture above. Nginx pod has three internal containers: istio-init (), istio-proxy (), istio-proxy (), istio-proxy () and istio-proxy ().

At this point, you have manually woven Istio for the POD. But that’s not cool enough. Because I feel a little tired every time I build a POD, is there a batch or a more natural way?

The namespace injects sidecar

Now let’s delete the nginx we just created:

# kubectl delete deployments.apps nginx -n jiuxi
Copy the code

Run the following command to implement automatic sidecar injection in the namespace:

# kubectl label namespaces jiuxi istio-injection=enabled
# kubectl get ns jiuxi --show-labels Check whether the label was created successfully
Copy the code

Create nginx deployment again from the nginx-deployment.yaml file:

# kubectl apply -f nginx-deployment.yaml -n jiuxi
Copy the code

When the POD information is displayed, the SIDecar is automatically woven into the POD.

Since then, Istio’s manual and automatic weaving capabilities have been completed.

One of the whole series of service grid Istio — Preliminary study of Istio

Istio que

Manually inject sidecar

The namespace injects sidecar

Related Posts

Enhance for recycling considerations

Read Flink source code on design: Graph abstraction and layering

Design the cache architecture in a logical way